package com.github.wxiaoqi.security.gate.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.github.wxiaoqi.security.common.model.ObjectDataResponse;
import com.github.wxiaoqi.security.gate.jwt.JwtAuthenticationRequest;
import com.github.wxiaoqi.security.gate.jwt.JwtAuthenticationResponse;
import com.github.wxiaoqi.security.gate.service.AuthService;
import com.github.wxiaoqi.security.gate.vo.FrontUser;

@RestController
@RequestMapping("jwt")
public class AuthController {
    @Value("${gate.jwt.header}")
    private String tokenHeader;

    @Autowired
    private AuthService authService;

    @RequestMapping(value = "token", method = RequestMethod.POST)
    public ObjectDataResponse<String> createAuthenticationToken(
            @RequestBody JwtAuthenticationRequest authenticationRequest) {
    	String desc= "得到token";
        final String token = authService.login(authenticationRequest.getPhone(), authenticationRequest.getPassword());
        return new ObjectDataResponse<String>(0,desc+"成功",token);
    }

    @RequestMapping(value = "refresh", method = RequestMethod.GET)
    public ObjectDataResponse<String> refreshAndGetAuthenticationToken(
            HttpServletRequest request) {
    	String desc="刷新token";
        String token = request.getHeader(tokenHeader);
        String refreshedToken = authService.refresh(token);
        if(StringUtils.isEmpty(refreshedToken)) {
            return new ObjectDataResponse<String>(1,desc+"失败");
        } else {
            return  new ObjectDataResponse<String>(0,desc+"成功",refreshedToken);
        }
    }

    @RequestMapping(value = "verify", method = RequestMethod.GET)
    public ObjectDataResponse<Object> verify(String token,String resource){
    	String desc ="验证token";
        if(authService.validate(token,resource))
            return new ObjectDataResponse<Object>(0,desc+"成功");
        else
            return new ObjectDataResponse<Object>(1,"验证token失败");
    }

    @RequestMapping(value = "invalid", method = RequestMethod.POST)
    public ObjectDataResponse<?> invalid(@RequestHeader("access-token") String token){
    	String description = "取消密码";
        authService.invalid(token);
        return new ObjectDataResponse<String>(0,description);
    }

    @RequestMapping(value = "user", method = RequestMethod.GET)
    public ResponseEntity<?> getUserInfo(String token){
        FrontUser userInfo = authService.getUserInfo(token);
        if(userInfo==null)
            return ResponseEntity.status(401).body(false);
        else
            return ResponseEntity.ok(userInfo);
    }
}
